Here’s how to find out if your Facebook was hacked in the breach

Are you one of the 30 million users hit by Facebook’s access token breach announced two weeks ago? Here’s how to find out.

Facebook breach saw 15M users’ names & contact info accessed, 14M’s bios too

Visit this Facebook Help center link while logged in: https://www.facebook.com/help/securitynotice?ref=sec.
Scroll down to the section “Is my Facebook account impacted by this security issue?”
Here you’ll see a Yes or No answer to whether your account was one of the 30 million users impacted. Those affected will also receive a warning like this atop their News Feed:
If Yes, you’ll be in one of three categories:
A. You’re in the 15 million users’ whose name plus email and/or phone number was accessed.
B. You’re in the 14 million users’ who had that data plus account bio data accessed including “username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places they


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/4-kAdEAdjnI/

Original article

How to Use Fail2ban to Secure Your Linux Server

Improving your server security should be one of your top priorities, when it comes to managing a linux server. By reviewing your server logs, you may often find different attempts for brute force login,…
[[ This is a content summary only. Visit my website for full links, other content, and more! ]]


Original URL: http://feedproxy.google.com/~r/tecmint/~3/iBdx6m4nLAI/

Original article

400,000 Websites Vulnerable Through Exposed .git Directories

Open .git directories are a bigger cybersecurity problem than many might imagine, at least according to a Czech security researcher who discovered almost 400,000 web pages with an open .git directory possibly exposing a wide variety of data. From a report: Vladimir Smitka began his .git directory odyssey in July when he began looking at Czech websites to find how many were improperly configured and allow access to their .git folders within the file versions repository. Open .git directories are a particularly dangerous issue, he said, because they can contain a great deal of sensitive information. “Information about the website’s structure, and sometimes you can get very sensitive data such as database passwords, API keys, development IDE settings, and so on. However, this data shouldn’t be stored in the repository, but in previous scans of various security issues, I have found many developers that do not follow these best practices,”


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/y-PzGUkbweM/400000-websites-vulnerable-through-exposed-git-directories

Original article

5 Tools to Scan a Linux Server for Malware and Rootkits

There are constant level of high attacks and port scans on Linux servers all the time, while a properly configured firewall and regular security system updates adds a extra layer to keep the system…
[[ This is a content summary only. Visit my website for full links, other content, and more! ]]


Original URL: http://feedproxy.google.com/~r/tecmint/~3/YRsddHjsE0s/

Original article

Google launches Titan Security Key… that is nothing to do with Yubico

Google now has its own hardware security keys — the Titan Security Key. These FIDO-compatible keys include Google firmware that verifies the integrity of security keys at the hardware level. The Titan Security Key offers secure hardware-based two-factor authentication, and is available to Google Cloud customers. The keys are similar to those offered by Yubico — so similar, in fact, that the company has gone out of its way to stress that it is not manufacturing the devices for Google. See also: Google (sort of) redirects Duck.com to DuckDuckGo after complaints of anti-competitive behavior from its search rival Google, Facebook,… [Continue Reading]


Original URL: https://betanews.com/2018/07/26/google-titan-security-key/

Original article

Google Launches Its Own Physical Security Key

An anonymous reader writes: Google launched its own Titan Security Key on Wednesday, a small USB device which includes firmware developed by the omnipresent tech giant itself. This comes days after Google said its workforce has been phish-proof for more than a year thanks to security keys distributed to its 85,000 employees. The new key means new competition for Yubikey manufacturer Yubico which confirmed it is not involved with Google’s new key. The product is available now to Google Cloud customers and will eventually be available to general customers, the company announced Wednesday at its Google Cloud Next conference in San Francisco. CNET, which tested the device, adds: It’ll come in a bundle with both the USB and Bluetooth versions for $50, or you can buy one or the other for about $20 to $25 each, Brand said. The set of security keys should work on any device with a


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/-W51j4bP-7o/google-launches-its-own-physical-security-key

Original article

Simplify Login with Application Load Balancer Built-in Authentication

Today I’m excited to announce built-in authentication support in Application Load Balancers (ALB). ALB can now securely authenticate users as they access applications, letting developers eliminate the code they have to write to support authentication and offload the responsibility of authentication from the backend. The team built a great live example where you can try out the authentication functionality.
Identity-based security is a crucial component of modern applications and as customers continue to move mission critical applications into the cloud, developers are asked to write the same authentication code again and again. Enterprises want to use their on-premises identities with their cloud applications. Web developers want to use federated identities from social networks to allow their users to sign-in. ALB’s new authentication action provides authentication through social Identity Providers (IdP) like Google, Facebook, and Amazon through Amazon Cognito. It also natively integrates with any OpenID Connect protocol compliant IdP, providing secure authentication


Original URL: http://feedproxy.google.com/~r/AmazonWebServicesBlog/~3/pgm6ZiIBpBE/

Original article

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: